Linux Security: Auditing, Hardening and Compliance

5 things you didn’t know about shell scripting

5 things you didn’t know about shell scripting

Our security auditing tool Lynis is a toolkit consisting of several shell scripts. Many users of the software actually never realized it was written as a bunch of shells scripts.. The secret is out.. But why shell scripting? Here are 5 reasons!

1. Shell scripting is powerful

Yes, people asked us why our tool Lynis was not written in Perl, Python, Ruby, C++ etc.. But honestly, why would we? It is portable, no compilation needed and supports almost every single Unix based system there is. Combine it with the common available tools like awk, grep and sed and you have a great foundation.

2. Shell scripts don’t have to be boring

Most shell scripts are boring. They don’t show anything, nor have any coloring. What a shame.. Lynis uses a color scheme, has an update check, intercepts interruption (e.g. CTRL-C) and shows warnings if it was not terminated properly last time. There is so much possible!

3. Repeating..ing..ing..ing

Why repeat the same statements in your shell scripts each time? Build a powerful set of functions and include that in your existing and new shell scripts. Don’t use “echo” while you also can call your own function Display. By using your own function you can now determine on-the-fly if this output needs to go to the screen, or maybe be suppressed, or get logged as well. Let your script do the smart thinking and redirecting.

4. Readability

Whatever programming language you use, it can be quickly become a burden to understand what happens and why. Remember when reading your code after a few years (or just a few weeks..)? Yes, you need to use proper commenting, but that’s also area of science itself.

With shell script the chance of making things really unreadable, is much lower. Sure you can use exotic features of the shell, which others don’t understand. But if you honestly care about your scripts, you can make it workable and at the same time keep it readable. The beauty of simplicity!

5. Always available

Being able to do real programming is great. But if you are a system administrator, you might not enjoy programming at all. Shell script is different..

Shell scripting can always be used, on each system you encounter. It makes your life easier by automating repeated steps. No fiddling with code, setting crazy memory pointers, or discovering why used a wrong file descriptor. Just paste your favorite commands in a file, make it executable and run it proudly. Easy to learn, and, well also easy to master.

Oh, although we love the power of shell scripting, there is no doubt that other alternatives may be a better fit for your work. We definitely don’t want to “bash” your favorite programming language ;)